![]() This first class of OATH Token Identifiers has been designed primarily for identification of hardware tokens. We struggled to come up with a single format that could support all of the above requirements and hence our approach of developing a ‘family’ of token identifier specifications.Ĭlass A – OATH Token Identifier (for Hardware tokens) On the other hand if OATH credentials are pre-provisioned in mass market devices such as SIM cards you would need a larger namespace. For example, as hardware tokens get smaller in size, it is challenging to print any more that 12 characters on the back of the token in a reasonable font size. It is challenging to support all the above requirements in a single token identifier format. Soft tokens may have unique requirements because they can be generated by several different parties (enterprises) dynamically, in an environment that is not as controlled as hardware tokens. Namespace should be able to support soft tokens.Namespace should be capable of handling large volumes anticipated with embedding (pre-provisioning) OATH credentials into mass market devices such as SIM cards, mobile phones, etc.Namespace should be compatible with all the OATH authentication algorithms viz.It should allow have a sufficiently big number of unique tokens. Namespace should be able to meet requirements for next 20 years.The solution should not require the Identifiers to be assigned in a sequential fashion.Namespace should enable unique IDs across vendors, possibly by reserving some bits/characters for a vendor code that is assigned by OATH.hardware token or in the case of software token displayed in the user interface and enter it for various lifecycle and administrative operations. ![]() Should be user friendly – typically the user (end-user or helpdesk staff) needs to read the ID printed on the back of the device i.e. We have identified the following key requirements for OATH token identifiers.embedded credential) we plan to develop a different ‘classes’ of compatible token identifier formats rather than a single format. Since different implementations of OATH tokens have very differing requirements (e.g. The OATH Token Identifier specification enables each authentication credential to be uniquely identified globally.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |